Aller au contenu

« SecretsManager » : différence entre les versions

De Banane Atomic
← Modification précédenteModification suivante →
Aucun résumé des modifications
Ligne 3 : Ligne 3 :
* [https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_cache-net.html Secrets Manager Cache]
* [https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_cache-net.html Secrets Manager Cache]
* [https://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/csharp_secrets-manager_code_examples.html Secrets Manager]
* [https://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/csharp_secrets-manager_code_examples.html Secrets Manager]
= Load all the secrets into a dictionary =
Nuget packages: {{boxx|AWSSDK.SecretsManager}} {{boxx|AWSSDK.SSO}} {{boxx|AWSSDK.SSOOIDC}}
<kode lang='cs'>
var secretsManagerConfig = new AmazonSecretsManagerConfig()
{
    Profile = new Profile("MyProfile"),
    RegionEndpoint = RegionEndpoint.EUCentral1
};
var secretsManager = new AmazonSecretsManagerClient(secretsManagerConfig);
var request = new GetSecretValueRequest
{
    SecretId = "MySecretName"
};
var response = await secretsManager.GetSecretValueAsync(request);
var secret = JsonConvert.DeserializeObject<Dictionary<string, string>>(response.SecretString);
return secret;
</kode>


= [https://aws.amazon.com/blogs/modernizing-with-aws/how-to-load-net-configuration-from-aws-secrets-manager/ Load configuration from Secrets Manager using a ConfigurationProvider] =
= [https://aws.amazon.com/blogs/modernizing-with-aws/how-to-load-net-configuration-from-aws-secrets-manager/ Load configuration from Secrets Manager using a ConfigurationProvider] =
Ligne 81 : Ligne 59 :
var secretValue = builder.Configuration["Secret key"];
var secretValue = builder.Configuration["Secret key"];
</filebox>
</filebox>
= Load the secrets into a dictionary =
Nuget packages: {{boxx|AWSSDK.SecretsManager}} {{boxx|AWSSDK.SSO}} {{boxx|AWSSDK.SSOOIDC}}
<kode lang='cs'>
var secretsManagerConfig = new AmazonSecretsManagerConfig()
{
    Profile = new Profile("MyProfile"),
    RegionEndpoint = RegionEndpoint.EUCentral1
};
var secretsManager = new AmazonSecretsManagerClient(secretsManagerConfig);
var request = new GetSecretValueRequest
{
    SecretId = "MySecretName"
};
var response = await secretsManager.GetSecretValueAsync(request);
var secret = JsonConvert.DeserializeObject<Dictionary<string, string>>(response.SecretString);
return secret;
</kode>

Version du 12 juillet 2024 à 13:13

Links

Load configuration from Secrets Manager using a ConfigurationProvider

AmazonSecretsManagerConfigurationProvider.cs 
public class AmazonSecretsManagerConfigurationProvider(string secretName) : ConfigurationProvider
{
    public override void Load()
    {
        var secret = GetSecret();
        Data = JsonSerializer.Deserialize<Dictionary<string, string>>(secret)!;
    }

    private string GetSecret()
    {
        var request = new GetSecretValueRequest
        {
            SecretId = this.secretName
        };

        using var client = new AmazonSecretsManagerClient()
        var response = client.GetSecretValueAsync(request).Result;
        return response.SecretString;
    }
}
AmazonSecretsManagerConfigurationSource.cs 
public class AmazonSecretsManagerConfigurationSource(string secretName) : IConfigurationSource
{
    public IConfigurationProvider Build(IConfigurationBuilder builder)
        => new AmazonSecretsManagerConfigurationProvider(this.secretName);
}
ConfigurationBuilderExtensions.cs 
public static class ConfigurationBuilderExtensions
{
    public static void AddAmazonSecretsManager(this IConfigurationBuilder configurationBuilder, string secretName)
    {
        var configurationSource = new AmazonSecretsManagerConfigurationSource(secretName);
        configurationBuilder.Add(configurationSource);
    }
}
Program.cs 
builder.Configuration.AddAmazonSecretsManager("Secret name");

// inject an object which contains the secrets
builder.Services.Configure<MySecrets>(builder.Configuration);

// load the secrets from the configuration into the MySecret object
var mySecrets = configuration.Get<MaiaSecrets>();

// get a secret from a configuration key
var secretValue = builder.Configuration["Secret key"];

Load the secrets into a dictionary

Nuget packages: AWSSDK.SecretsManager AWSSDK.SSO AWSSDK.SSOOIDC 

var secretsManagerConfig = new AmazonSecretsManagerConfig()
{
    Profile = new Profile("MyProfile"),
    RegionEndpoint = RegionEndpoint.EUCentral1
};
var secretsManager = new AmazonSecretsManagerClient(secretsManagerConfig);

var request = new GetSecretValueRequest
{
    SecretId = "MySecretName"
};

var response = await secretsManager.GetSecretValueAsync(request);

var secret = JsonConvert.DeserializeObject<Dictionary<string, string>>(response.SecretString);

return secret;
Récupérée de « http://wiki.bananeatomic.fr/index.php?title=SecretsManager&oldid=30907 »